Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filter

All (6)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed

Vulnerability Analysis

Ivanti EPMM CVE-2026-6973: Authenticated RCE on CISA KEV in May 2026

Ivanti disclosed CVE-2026-6973 on May 7, 2026, an improper-input-validation RCE in Endpoint Manager Mobile already seeing limited exploitation. CISA gave federal agencies a three-day patch deadline.

May 8, 202610 min read

Vulnerability Response

CVE-2025-22462 in Ivanti Neurons for ITSM: Patch Posture & SBOM Response

Ivanti Neurons for ITSM auth bypass scored CVSS 9.8 and grants full admin access. Defender playbook for the ITSM patching emergency.

May 15, 20256 min read

Vulnerability Analysis

Ivanti Connect Secure CVE-2025-22457: Another Critical Zero-Day, Same Product

A stack-based buffer overflow in Ivanti Connect Secure was exploited by Chinese threat actors just months after the previous zero-day in the same product. The vulnerability was initially misclassified as low-risk.

Apr 3, 20255 min read

Vulnerability Analysis

Ivanti Connect Secure Zero-Day: CVE-2025-0282 Under Active Exploitation

A stack-based buffer overflow in Ivanti Connect Secure allowed unauthenticated remote code execution. Chinese threat actors exploited it before any patch existed.

Jan 8, 20255 min read

Vulnerability Analysis

Ivanti Cloud Services Appliance CVE-2024-8963: Chained Exploitation

Ivanti's Cloud Services Appliance faced chained zero-day exploitation in September 2024, with attackers combining path traversal and command injection for unauthenticated RCE.

Sep 13, 20246 min read

Vulnerability Analysis

Ivanti EPMM Zero-Day CVE-2023-35078: Norwegian Government Breach

A critical authentication bypass in Ivanti's Endpoint Manager Mobile was exploited to breach Norwegian government agencies, earning a perfect CVSS 10.0 score.

Aug 8, 20234 min read

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.